Triton-based R2 plugin for concolic execution (WIP)
Currently, R2 and Triton need to be compiled against the same libcapstone version. This should change in the future.
As this is still WIP, commands might change; check the README for updates after each git pull.
git clone https://github.com/kamou/pimp.git
As this is about concolic execution, r2's debug mode is required:
r2 -d binary -i path/to/pimp.py
Initialise the Triton context:
Declare or list the symbolic variables (memory):
pimp.input [size] [address]
Emulate execution until a symbolic instruction is met:
Emulate execution until a symbolic jump is met:
Take the current conditional jump:
Avoid the current conditional jump:
Reset Triton memory from the current binary memory:
Load the Triton-generated input back into r2:
Peek a memory value from the Triton cache:
pimp.peek size address
Poke (write) a memory value to the Triton cache (only do this if you know what you are doing):
pimp.poke value size address
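The workflow above (declare a symbolic input region, emulate until a jump depends on it, ask the solver for an input that takes or avoids that jump, load the input back and continue) is easier to see in a tiny self-contained model. The following is an added example, not pimp's or Triton's code: `check_serial` is a constructed stand-in for the emulated binary, `Context` mirrors the plugin's steps with hypothetical method names, and a brute-force enumeration of byte values stands in for the SMT solver Triton uses. All addresses, sizes and the accepted serial are made up for the example.

```python
from itertools import product


class SymbolicJump(Exception):
    """Raised when emulation reaches the conditional jump we asked to stop at."""


class Sym:
    """A value flowing through emulation: its concrete value, a function that
    recomputes it from a candidate input buffer, and the input offsets it reads.
    An empty `deps` set means the value is fully concrete."""

    def __init__(self, concrete, fn=None, deps=()):
        self.concrete = concrete
        self.fn = fn if fn is not None else (lambda inp, c=concrete: c)
        self.deps = frozenset(deps)

    @property
    def symbolic(self):
        return bool(self.deps)

    def _binop(self, other, op, mask=0xFF):
        other = other if isinstance(other, Sym) else Sym(other)
        return Sym(op(self.concrete, other.concrete) & mask,
                   lambda inp: op(self.fn(inp), other.fn(inp)) & mask,
                   self.deps | other.deps)

    def __xor__(self, other):
        return self._binop(other, lambda a, b: a ^ b)

    def eq(self, other):
        # Comparisons yield 0/1, so mask with 1 instead of a byte mask
        return self._binop(other, lambda a, b: int(a == b), mask=1)

    def negate(self):
        return Sym(1 - self.concrete, lambda inp: 1 - self.fn(inp), self.deps)


class Context:
    """Models the plugin's state: a memory snapshot, the symbolic input region,
    the path predicate collected so far and the conditional jump we stopped at."""

    def __init__(self, memory, stop_at):
        self.memory = bytes(memory)
        self.sym_offsets = set()
        self.path = []           # 0/1 constraints that reproduce the path so far
        self.pending = None      # (cond, taken) of the jump we stopped at
        self.stop_at = stop_at   # halt at the n-th symbolic jump (0 = never halt)
        self.seen = 0

    def input(self, size, address):
        """Like pimp.input: declare `size` bytes at `address` as symbolic."""
        self.sym_offsets.update(range(address, address + size))

    def load(self, address):
        value = self.memory[address]
        if address in self.sym_offsets:
            return Sym(value, lambda inp, a=address: inp[a], {address})
        return Sym(value)

    def branch(self, cond):
        """Conditional jump, concretely taken iff cond != 0. Symbolic conditions
        join the path predicate; the stop_at-th one halts emulation."""
        taken = bool(cond.concrete)
        if cond.symbolic:
            self.seen += 1
            if self.seen == self.stop_at:
                self.pending = (cond, taken)
                raise SymbolicJump()
            self.path.append(cond if taken else cond.negate())
        return taken

    def solve(self, want_taken):
        """Return an input that replays the path so far and then takes (or avoids)
        the pending jump; None if no byte assignment satisfies the constraints."""
        cond, _ = self.pending
        constraints = self.path + [cond if want_taken else cond.negate()]
        deps = sorted(set().union(*(c.deps for c in constraints)))
        for values in product(range(256), repeat=len(deps)):
            candidate = bytearray(self.memory)
            for off, v in zip(deps, values):
                candidate[off] = v
            if all(c.fn(candidate) for c in constraints):
                return bytes(candidate)
        return None


def check_serial(ctx):
    """Constructed stand-in for the emulated binary: accepts iff the byte at
    0x100 is 0x41 and the byte at 0x101 XORed with it equals 0x03."""
    b0 = ctx.load(0x100)
    if not ctx.branch(b0.eq(0x41)):
        return "bad"
    b1 = ctx.load(0x101)
    if not ctx.branch((b1 ^ b0).eq(0x03)):
        return "bad"
    return "good"


def solve_at(program, memory, size, address, step, want_taken):
    """Emulate to the step-th symbolic jump, then take or avoid it. Returns None
    when emulation finishes earlier or the constraints are unsatisfiable."""
    ctx = Context(memory, stop_at=step)
    ctx.input(size, address)
    try:
        program(ctx)
    except SymbolicJump:
        return ctx.solve(want_taken)
    return None


def find_accepting_input(program, memory, size, address, max_jumps=16):
    """The full loop: run, stop at the next symbolic jump, take it, load the
    generated input back (the plugin's sync step) and run again."""
    mem = bytes(memory)
    for step in range(1, max_jumps + 1):
        ctx = Context(mem, stop_at=0)
        ctx.input(size, address)
        if program(ctx) == "good":
            return mem
        mem = solve_at(program, mem, size, address, step, want_taken=True)
        if mem is None:
            return None
    return None


if __name__ == "__main__":
    found = find_accepting_input(check_serial, bytes(0x110), 2, 0x100)
    print(found[0x100:0x102])   # constructed serial that reaches "good"
```

Each iteration re-runs the program from scratch on the new input rather than resuming, which is why the loop passes an increasing `step`: the jumps already resolved are replayed from the path predicate and only the next symbolic one is flipped. Enumeration over 256 values per dependent byte is only workable for a toy; the reason the real plugin hands the path predicate to an SMT solver is that real inputs have far too many bytes for that.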
Ayman Khamouma (@dsknctr) [email protected]